Closed
Description
By default, a controller would expose all endpoints, but you should be able to restrict those as needed:
[NoHttpPost]
public class PeopleController : JsonApiController<Person>
{
public PeopleController(
IJsonApiContext jsonApiContext,
IResourceService<Person> resourceService,
ILoggerFactory loggerFactory)
: base(jsonApiContext, resourceService, loggerFactory)
{ }
}Possible Attributes:
- NoHttpPost
- NoHttpPatch
- NoHttpDelete
- HttpReadOnly (all of the above)
Response should be 405 and the Accept header should contain a list of acceptable methods